CVE-2008-5027
Published: 2008-11-10
Priority: P3 · 35 · medium · CVSS 2.0: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
EPSS: 6.74% (93.1st percentile)
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
Affected
51 ranges · showing 25 (only the first listed range carries version data)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nagios | nagios | <= 3.0.4 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| vendor_ubuntu | — | 6.5 | MEDIUM | — |
GHSA
GHSA-97vg-j9rv-47hw · ghsa_unreviewed · 2022-05-17 · CVE-2008-5027 [MEDIUM]
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
Ubuntu
Nagios vulnerabilities
vendor_ubuntu · 2008-12-23 · CVSS 6.5 · CVE-2008-5027 [MEDIUM]
Title: Nagios vulnerabilities
Summary: Nagios vulnerabilities
It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This update alters Nagios behaviour by disabling submission of CMD_CHANGE commands. (CVE-2008-5028)

It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands. (CVE-2008-5027)

Instructions: After a standard system upgrade you need to restart Nagios to effect the necessary changes.
Ubuntu
Nagios3 vulnerabilities
vendor_ubuntu · 2008-12-22 · CVSS 6.5 · CVE-2008-5027 [MEDIUM]
Title: Nagios3 vulnerabilities
Summary: Nagios3 vulnerabilities
It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This update alters Nagios behaviour by disabling submission of CMD_CHANGE commands. (CVE-2008-5028)

It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands. (CVE-2008-5027)

Instructions: After a standard system upgrade you need to restart Nagios to effect the necessary changes.
Ubuntu
Nagios vulnerability
vendor_ubuntu · 2008-12-22 · CVE-2008-5027
Title: Nagios vulnerability
Summary: Nagios vulnerability
It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands.

Instructions: After a standard system upgrade you need to restart Nagios to effect the necessary changes.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2008-6373 nagios: unspecified vuln related to CGI programs
bugzilla · 2009-03-02 · CVSS 6.5 · CVE-2008-6373 [MEDIUM]
Common Vulnerabilities and Exposures assigned an identifier to the following vulnerability:
Name: CVE-2008-6373
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6373
Assigned: 20090302
Reference: CONFIRM: http://www.nagios.org/development/history/nagios-3x.php
Reference: CONFIRM: http://www.nagios.org/news/#88
Reference: BID:32611
Reference: URL: http://www.securityfocus.com/bid/32611
Reference: SECUNIA:32909
Reference: URL: http://secunia.com/advisories/32909
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."
Additional resources:
http://bugs.gentoo.org/sh
Bugzilla
CVE-2008-5027 nagios: authorization bypass via custom form or browser addon
bugzilla · 2008-11-10 · CVSS 6.5 · CVE-2008-5027 [MEDIUM]
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5027 to the following vulnerability:
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
References:
http://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-devel
http://www.openwall.com/lists/oss-security/2008/11/06/2
http://www.nagios.org/development/history/nagios-3x.php
http://www.op5.com/support/news/389-important-security-fix-available-for-op5-monitor
http://www.securityfocus.com/bid/32156
Discu
CWE
CWE-285: Improper Authorization (mitre_cwe)
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Background: An access control list (ACL) represents who/what has permissions to a given object. Different operating systems implement ACLs in different ways. In UNIX, there are three types of permissions: read, write, and execute. Users are divided into three classes for file access: owner, group owner, and all other users, where each class has a separate set of rights. In Windows NT, there are four basic types of permissions for files: "No access", "Read access", "Change access", and "Full control". Windows NT extends the concept of three types of users in UNIX to include a list of users and groups along with their associated permissions.
CWE
CWE-862: Missing Authorization (mitre_cwe)
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Background: An access control list (ACL) represents who/what has permissions to a given object. Different operating systems implement ACLs in different ways. In UNIX, there are three types of permissions: read, write, and execute. Users are divided into three classes for file access: owner, group owner, and all other users, where each class has a separate set of rights. In Windows NT, there are four basic types of permissions for files: "No access", "Read access", "Change access", and "Full control". Windows NT extends the concept of three types of users in UNIX to include a list of users and groups along with their associated permissions.
References
http://marc.info/?l=bugtraq&m=124156641928637&w=2
http://secunia.com/advisories/33320
http://secunia.com/advisories/35002
http://security.gentoo.org/glsa/glsa-200907-15.xml
http://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-devel
http://www.nagios.org/development/history/nagios-3x.php
http://www.op5.com/support/news/389-important-security-fix-available-for-op5-monitor
http://www.openwall.com/lists/oss-security/2008/11/06/2
http://www.securityfocus.com/bid/32156
http://www.securitytracker.com/id?1022165
http://www.ubuntu.com/usn/USN-698-1
http://www.vupen.com/english/advisories/2008/3029
http://www.vupen.com/english/advisories/2008/3364
http://www.vupen.com/english/advisories/2009/1256
https://www.ubuntu.com/usn/USN-698-3/